In response to WhatsApp moving the Delhi High Court against the Information Technology (Intermediary Guidelines and Digital Ethics Code) Rules 2021 that requires the messaging platform to break end-to-end encryption, the Central government said it does not have any intention to violate the privacy of a citizen. At the same time, the government said that Right to Privacy is not absolute and that compliance with the rules was necessary for ‘public interest’.
On May 25, which was the last day to comply with the IT Rules 2021, WhatsApp approached the Delhi High Court challenging the provision of the rules that states that the platform has to trace the first originator of a message. WhatsApp in its plea said that the rules would require the platform to break its “end-to-end” encryption, a feature it claims provides complete privacy to messages on the platform. Breaking the encryption, would in turn infringe upon the fundamental right of the Right to Privacy of users, WhatsApp said in its petition.
Download a copy of WhatsApp’s petition here.
In a strongly worded release, the Ministry of Electronics and Information Technology termed WhatsApp’s ‘last-minute’ challenge in the court as an attempt to prevent the Intermediary Guidelines from coming to effect. Centre also said that the non-compliance with the rules was a “defiance of a measure whose intent can certainly not be doubted”. It also sought to remind the Facebook-owned messaging platform that “any operations being run in India are subject to the law of land”.
IT Minister Ravi Shankar Prasad also dismissed WhatsApp’s concerns regarding a breach of privacy and said that measures under the new IT Rules will not impact the functioning “in any manner whatsoever and for the common users, there will be no impact”.
Here is a brief rundown of Centre’s response:
Right to Privacy not absolute: The Centre reasoned that all Fundamental Rights, including Right to Privacy, is subject to reasonable restrictions. It said that the requirement under the IT Rules 2021 to trace the origin of a message is an example of a reasonable restriction.
Requirement to break E2E only in case of serious offences: The Ministry of Electronics and Information Technology said that the guidelines can be passes only for prevention, investigation, punishment of an offence related to sovereignty, integrity and security of India and so on. “We cannot deny as to how in cases of mob lynching and riots etc. repeated WhatsApp messages are circulated and recirculated whose content are already in public domain. Hence the role of who originated is very important,” Centre said.
WhatsApp earlier did not mention that traceability was not possible: The Central government said that after WhatsApp had not made any objection to the requirement to trace the first originator earlier. “They have generally sought time to extend the time for enforcement of guidelines but did not make any formal reference that traceability is not possible,” the Centre said, adding that the ‘last-minute’ challenge in the Delhi High Court was an “attempt” to prevent the Intermediary Guidelines from coming into effect.
WhatsApp’s responsibility to ensure privacy and also provide information: “The entire debate on whether encryption would be maintained or not is misplaced. Whether Right to Privacy is ensured through using encryption technology or some other technology is entirely the purview of the social media intermediary. The Government of India is committed to ensuring the Right of Privacy to all its citizens as well as have the means and the information necessary to ensure public order and maintain national security. It is WhatsApp’s responsibility to find a technical solution, whether through encryption or otherwise, that both happen,” said IT Minister RS Prasad
Rules have global precedence: The Centre gave examples of the United Kingdom, United States of America, Australia and Canada, who in 2019 said that tech companies should provide mechanisms in the design of their encrypted products for aiding authorities in gaining access to its data. MEITY also said that the Brazilian law enforcement wanted WhatsApp to provide the IP addresses, customer information, geo-location data and physical messages of a ‘suspect’.